package com.conversationboard.controller;

import java.io.IOException;
import java.sql.SQLException;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.conversationboard.cache.BannedUserCache;
import com.conversationboard.model.Role;
import com.conversationboard.model.User;

@WebServlet(name = "AdminBanControllerServlet", urlPatterns = "/Admin/AdminBanControllerServlet")
public class AdminBanControllerServlet extends HttpServlet {

	private static final long serialVersionUID = -8248095706263698276L;


	private void siteBan(User admin, User toBeBanned, boolean temporary) throws SQLException {
		toBeBanned.ban(admin, null, temporary, 0);
	}


	private void boardBan(User admin, User toBeBanned, int boardId, boolean temporary) throws SQLException {
		toBeBanned.ban(admin, null, temporary, boardId);
	}


	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

		request.setCharacterEncoding("UTF-8");
		response.setCharacterEncoding("UTF-8");

		try {

			String loginIdToBeBanned = request.getParameter("loginid");
			int boardId = Integer.parseInt(request.getParameter("board"));
			String temporaryString = request.getParameter("checkbox");
			boolean siteBan = (boardId == 0);
			boolean temporary = (temporaryString != null);
			User adminUser = User.get(request.getUserPrincipal().getName());
			User toBeBanned = User.get(loginIdToBeBanned);

			if (!SecurityChecks.passes(request, adminUser, this)) {
				return;
			}

			if (toBeBanned.getRole() == Role.Anonymous || toBeBanned.getLoginId().length() == 0) {
				RequestDispatcher dispatcher = request.getRequestDispatcher("/Pages/messagepage.jsp");
				request.setAttribute("message", "This is an unregistered/anonymous user - you cannot ban them.");
				dispatcher.forward(request, response);
				return;
			}

			/* Ensure Board IDs only make a ban for their board */

			if ((!adminUser.isBoardAdmin(boardId)) && (!adminUser.isSiteAdmin())) {
				RequestDispatcher dispatcher = request.getRequestDispatcher("/Pages/messagepage.jsp");
				request.setAttribute("message", "You are not authorised to perform that operation.");
				dispatcher.forward(request, response);
				return;
			}

			if (siteBan) {
				if (adminUser.isSiteAdmin()) {
					this.siteBan(adminUser, toBeBanned, temporary);
				} else {
					return;
				}
			} else {
				if (adminUser.isBoardAdmin(boardId)) {
					this.boardBan(adminUser, toBeBanned, boardId, temporary);
				} else {
					return;
				}
			}

			RequestDispatcher dispatcher = request.getRequestDispatcher("/Pages/messagepage.jsp");

			if (temporary) {
				request.setAttribute("message", "User has been successfully banned for " + ((toBeBanned.getBanCount() + 1) * BannedUserCache.TEMPORARY_BAN_LENGTH_IN_DAYS) + " days.");
			} else {
				request.setAttribute("message", "User has been permanently banned.");
			}

			dispatcher.forward(request, response);

		} catch (SQLException e) {
			throw new ServletException(e);
		}

	}

}
